A Behavioral Congruence for Concurrent Constraint Programming with Non-deterministic Choice

HAL Id: hal-01006382

https://hal.inria.fr/hal-01006382v2

Submitted on 27 Dec 2014

HAL is a multi-disciplinary open access

archive for the deposit and dissemination of

sci-entific research documents, whether they are

pub-lished or not. The documents may come from

teaching and research institutions in France or

L’archive ouverte pluridisciplinaire HAL, est

destinée au dépôt et à la diffusion de documents

scientifiques de niveau recherche, publiés ou non,

émanant des établissements d’enseignement et de

recherche français ou étrangers, des laboratoires

A Behavioral Congruence for Concurrent Constraint

Programming with Non-deterministic Choice

Luis Fernando Pino Duque, Filippo Bonchi, Frank D. Valencia

To cite this version:

Luis Fernando Pino Duque, Filippo Bonchi, Frank D. Valencia. A Behavioral Congruence for

Concur-rent Constraint Programming with Non-deterministic Choice. ICTAC 2014 - 11th International

Collo-quium on Theoretical Aspects of Computing, Sep 2014, Bucarest, Romania. pp.351-368,

�10.1007/978-3-319-10882-7_21�. �hal-01006382v2�

A Behavioral Congruence for Concurrent Constraint

Programming with Nondeterministic Choice

Luis F. Pino1

, Filippo Bonchi2

, Frank D. Valencia1

1 _{Com`ete, LIX, Laboratoire de l’ ´Ecole Polytechnique associ´e `a l’INRIA} 2 _{CNRS - Laboratoire de l’Informatique du Parall´elisme, ENS Lyon}

Abstract. Concurrent constraint programming (ccp) is a well-established model of concurrency for reasoning about systems of multiple agents that interact with each other by posting and querying partial information on a shared space. (Weak) bisimilarity is one of the most representative notions of behavioral equivalence for models of concurrency. A notion of weak bisimilarity, called weak saturated bisimilarity ( ˙≈sb), was recently proposed for ccp. This equivalence improves on

previous bisimilarity notions for ccp that were too discriminating and it is a con-gruence for the choice-free fragment of ccp. In this paper, however, we show that

˙

≈sbis not a congruence for ccp with nondeterministic choice. We then introduce

a new notion of bisimilarity, called weak full bisimilarity (≈f), and show that it

is a congruence for the full language of ccp. We also show the adequacy of≈f by

establishing that it coincides with the congruence induced by closing ˙≈sbunder

all contexts. The advantage of the new definition is that, unlike the congruence induced by ˙≈sb, it does not require quantifying over infinitely many contexts.

1

Introduction

The Context. Concurrency theory studies the description and the analysis of systems made of interacting processes. Processes are typically viewed as infinite objects, in the sense that they can produce arbitrary and possibly endless interactions with their environment. Process calculi treat these processes much like theλ-calculus treats com-putable functions. They provide a formal language in which processes are represented by terms, and a set of rewriting rules to represent process evolution (or transitions). For example, the termP k Q represents the process that results from the parallel composi-tion of the processesP and Q. A (labeled) transition P −→ Pα ′_{represents the evolution}

ofP into P′given an interactionα with the environment.

Concurrent Constraint Programming(ccp) [25,26] is a well-established formalism that combines the traditional algebraic and operational view of process calculi with a declarative one based upon first-order logic. Ccp processes can then be seen as com-puting agents as well as first-order logic formulae. In ccp, processes interact asyn-chronously by posting (or telling) and querying (or asking) information, traditionally referred to as constraints, in a shared-medium referred to as the store. Furthermore,

⋆_{This work has been partially supported by the project ANR 12IS02001 PACE,}

ANR-09-BLAN-0169-01 PANDA, and by the French Defence procurement agency (DGA) with a PhD grant.

ccp is parametric in a constraint system indicating interdependencies (entailment) be-tween constraints and providing for the specification of data types and other rich struc-tures. The above features have recently attracted a renewed attention as witnessed by the works [21,9,5,4] on calculi exhibiting data-types, logic assertions as well as tell and ask operations. More recently in [14] the authors proposed the post and ask interaction model of ccp as an abstraction of social networks.

In any computational model of processes, a central notion is that of behavioral

equivalences[11]. These equivalences determine what processes are deemed indistin-guishable and they are expected to be congruences. The congruence issue is of great importance for algebraic and compositional reasoning: If two processes are equivalent, one should be able to replace one with the other in any context and preserve the equiva-lence (see e.g, [13]). For example, if⊲⊳ is a behavioral congruence, then P ⊲⊳ Q should implyP k R ⊲⊳ Q k R.

Reasoning on processes and their equalities therefore means dealing with, and com-paring, infinite structures. For this, a widely used mathematical tool is coinduction (see e.g. [1]). Coinduction is the dual of induction; while induction is a pervasive tool to rea-son about finite and stratified structures, coinduction offers similar strengths on struc-tures that are circular or infinite. The most widely applied coinductive concept is

bisim-ulation: bisimilarity is used to study behavioral equivalences, and the bisimulation proof method is used to prove such equivalences. In fact, most process calculi are equipped with a notion of bisimilarity.

The Problem. There have been few attempts to define notions of bisimilarity equiva-lence for ccp processes. These equivaequiva-lences are, however, not completely satisfactory: As shown in [2], the one in [25] is too fine grained; i.e. it may tell apart processes whose logic interpretation is identical. The one in [16] quantifies over all possible inputs from the environment, and hence it is not clear whether it can lead to a feasible proof tech-nique. The notion introduced in [2], called (weak) saturated barbed bisimilarity ( ˙≈sb),

solves the above-mentioned issues and it is a congruence for ccp without nondetermin-istic choice. Unfortunately, as we will show in this paper, it is not a congruence for the full language of ccp. In particular, in ccp with nondeterministic choice,P ˙≈sbQ does

not implyP k R ˙≈sbQ k R.

The goal of this paper is therefore to provide ccp with an adequate behavioral con-gruence based on the bisimulation proof method.

Our Approach. We build on a result of [2] showing that ˙≈sbcan be characterized by a

novel bisimulation game (called, for simplicity, weak bisimulation) which relies at the same time on both barbs and labeled transitions. Barbs are basically predicates on the states, processes or configuration stating the observation we can make of them. This is rather peculiar with respect to the existing notions of bisimulations introduced for other process calculi where one usually exploits labeled transitions to avoid thinking about barbs and contexts. Indeed, labeled transitions usually capture barbs, in the sense that a state exposes a certain barb if and only if it performs a transition with a certain label. This is not the case of ccp, where barbs are observations on the store, while labeled transitions are determined by the processes. A more abstract understanding of

this peculiarity of ccp can be given within the framework of [7] which is an extension of [15] featuring barbs and weak semantics.

As it is customary for weak barbed equivalences, in our weak bisimulation game whenever a player exposes a barb↓e, the opponent should expose the weak barb ⇓e,

i.e. it should be able to reach a state satisfying↓e, but then the game restarts from the

original state ignoring the arriving state. One of our contributions is to show that for ccp the arriving state cannot be ignored.

Our Contributions. In this work, we prove that ˙≈sbis a congruence for ccp without

non-deterministic choice but not for the full language of ccp. We then propose a new notion of bisimilarity, called (weak) full bisimilarity (≈f). We show that≈f is a congruence for

the full language of ccp. We also show the adequacy of the new notion by establishing that it is the largest congruence included in ˙≈sb. In other words≈f coincides with the

congruence induced by closing ˙≈sbunder all contexts. Beyond being a congruence, the

advantage of≈f is that it does not require quantifying over infinitely many contexts.

This is also important as it may simplify decision procedures for the equivalence. To the best of our knowledge, this is the first behavioral equivalence, which does not appeal to quantification over arbitrary process contexts in its definition, that is a congruence for ccp with nondeterministic choice.

A technical report with detailed proofs of this paper can be found in [22].

Structure of the paper. The paper is organized as follows: In Section 2 we recall the ccp formalism. In Section 3 we introduce the standard notion of observational equivalence (∼o) for ccp (from [26]), we then show its relation with the weak saturated barbed

bisimilarity ( ˙≈sb) (from [2]) for ccp with nondeterministic choice. We also prove that

˙

≈sbis not a congruence for the full ccp. In Section 4 we introduce our new notion≈f,

and we prove that (i)≈f coincides with ˙≈sbin the choice-free fragment of ccp; (ii)≈f

is a congruence for ccp with summation; and (iii)≈f coincides with the equivalence

obtained after closing ˙≈sbunder any context. In Section 5 we present our conclusions

and future work.

2

Background

We begin this section by recalling the notion of constraint system. We then present the concurrent constraint programming (ccp) formalism.

2.1 Constraint Systems

The ccp model is parametric in a constraint system (cs) specifying the structure and in-terdependencies of the information that processes can ask or and add to a central shared

store. This information is represented as assertions traditionally called constraints. Following [10,16] we regard a cs as a complete algebraic lattice in which the order-ing⊑ is the reverse of an entailment relation: c ⊑ d means d entails c, i.e., d contains “more information” than c. The top element false represents inconsistency, the bot-tom element true is the empty constraint, and the least upper bound⊔ is the join of information.

Definition 1 (Constraint Systems). A constraint system (cs) C is a complete algebraic

lattice(Con, Con0, ⊑, ⊔, true, false) where Con, the set of constraints, is a partially ordered set w.r.t. ⊑, Con0 is the subset of compact elements of Con, ⊔ is the lub operation defined on all subsets, and true, false are the least and greatest elements of

Con, respectively.

Recall that C is a complete lattice if every subset of Con has a least upper bound in Con. An elementc ∈ Con is compact if for any directed subset D of Con, c ⊑FD impliesc ⊑ d for some d ∈ D. C is algebraic if each element c ∈ Con is the least upper bound of the compact elements belowc.

In order to model hiding of local variables and parameter passing, in [25,26] the notion of constraint system is enriched with cylindrification operators and diagonal

elements, concepts borrowed from the theory of cylindric algebras [20].

Let us consider a (denumerable) set of variables Var with typical elementsx, y, z, . . . and let us define∃Var as the family of operators∃Var = {∃x | x ∈ Var } (cylindric operators) andDVar as the setDVar = {dxy| x, y ∈ Var } (diagonal elements).

A cylindric constraint system over a set of variables Var is a constraint system whose underlying support set Con ⊇ DVaris closed under the cylindric operators∃Var

and quotiented by Axioms C1− C4, and whose ordering ⊑ satisfies Axioms C5 − C7:

C1_{. ∃x∃yc = ∃y∃xc} C2_{. dxx= true}

C3. if z 6= x, y then dxy= ∃z(dxz⊔ dzy) C4. ∃x(c ⊔ ∃xd) = ∃xc ⊔ ∃xd

C5. ∃xc ⊑ c C6. if c ⊑ d then ∃xc ⊑ ∃xd

C7_{. if x 6= y then c ⊑ dxy⊔ ∃x(c ⊔ dxy)}

wherec and d indicate compact constraints, and ∃xc ⊔ d stands for (∃xc) ⊔ d. For our

purposes, it is enough to think the operator∃xas existential quantifier and the constraint

dxyas the equalityx = y.

Cylindrification and diagonal elements allow us to model the variable renaming of a formulaφ; in fact, by the aforementioned axioms, we have that the formula ∃x(dxy⊔ φ)

can be depicted as the formulaφ[y/x], i.e., the formula obtained from φ by replacing all free occurrences ofx by y.

We assume notions of free variable and of substitution that satisfy the following conditions, where c[y/x] is the constraint obtained by substituting x by y in c and fv(c) is the set of free variables of c: (1) if y /∈ fv (c) then (c[y/x])[x/y] = c; (2) (c ⊔ d)[y/x] = c[y/x] ⊔ d[y/x]; (3) x /∈ fv (c[y/x]); (4) fv (c ⊔ d) = fv (c) ∪ fv (d).

We now illustrate a constraint system for linear-order arithmetic.

Example 1 (A Constraint System of Linear Order Arithmetic).Consider the following syntax:

φ, ψ . . . := t = t′| t > t′_{| φ ∨ ψ | ¬φ}

where the terms t, t′ can be elements of a set of variables Var , or constant symbols 0, 1, . . .. Assume an underlying first-order structure of linear-order arithmetic with the obvious interpretation in the natural numbersω of =, > and the constant symbols.

A variable assignment is a functionµ : Var −→ ω. We use A to denote the set of all assignments;P(X) to denote the powerset of a set X, ∅ the empty set and ∩ the

intersection of sets. We useM(φ) to denote the set of all assignments that satisfy the formulaφ, where the definition of satisfaction is as expected.

We can now introduce a constraint system as follows: the set of constraints isP(A), and definec ⊑ d iff c ⊇ d. The constraint false is ∅, while true is A. Given two constraintsc and d, c ⊔ d is the intersection c ∩ d. By abusing the notation, we will often use a formulaφ to denote the corresponding constraint, i.e., the set of all assignments satisfyingφ. E.g. we use x > 1 ⊑ x > 5 to mean M(x > 1) ⊑ M(x > 5). For this constraint system one can show thate is a compact constraint (i.e., e is in Con0) iffe

is a co-finite set inA (i.e., iff the complement of e in A is a finite set). For example, x > 10 ∧ y > 42 is a compact constraint for Var = {x, y}.

From this structure, let us now define the cylindric constraint systemS as follows. We say that an assignment µ′ is anx-variant of µ if ∀y 6= x, µ(y) = µ′(y). Given x ∈ Var and c ∈ P(A), the constraint ∃xc is the set of assignments µ such that exists

µ′∈ c that is an x-variant of µ. The diagonal element dxyisx = y. ⊓⊔

Assumption 1 We shall assume that the constraint system is well-founded and, for

practical reasons, that its ordering⊑ is decidable. Well-foundedness is needed for

tech-nical reasons in the definition of the labeled transition semantics in Section 3.2.

2.2 Syntax of CCP

Let C= (Con, Con0, ⊑, ⊔, true, false) be a constraint system. The ccp processes are

given by the following syntax: P, Q, . . . ::= tell(c) |X

i∈I

ask_{(ci) → Pi| P k Q | ∃}

xP | p(z)

whereI is a finite set of indexes and c, ci∈ Con0. We use Proc to denote the set of all

processes.

Finite processes. Intuitively, the tell process tell(c) adds c to the global store. The addition is performed regardless the generation of inconsistent information. The process P k Q stands for the parallel execution of P and Q.

The guarded-choiceP_i∈Iask_{(ci) → PiwhereI is a finite set of indexes,} repre-sents a process that can nondeterministically choose one of thePj (withj ∈ I) whose

corresponding guard constraintcjis entailed by the store. The chosen alternative, if any,

precludes the others. We shall often write ask(ci1) → Pi1+ . . . + ask (cin) → Pin if I = {i1, . . . , in}. If no ambiguity arises, we shall omit the “ ask(c) → ” when

c = true. The blind-choice process P_i∈Iask _{(true) → Pi, for example, can be} writtenP_i∈IPi. We shall omit the “P_i∈I” whenI is a singleton. We use stop as an

abbreviation of the empty summationP_i∈∅Pi.

∃xis a hiding operator, namely it indicates that in∃xP the variable x is local to P .

The occurrences ofx in ∃xP are said to be bound. The bound variables of P , bv (P ),

are those with a bound occurrence inP , and its free variables, fv (P ), are those with an unbound occurrence3.

Infinite processes. To specify infinite behavior, ccp provides parametric process def-initions. A process p(z) is said to be a procedure call with identifier p and actual parameters z. We presuppose that for each procedure call p(z1. . . zm) there exists a

unique procedure definition possibly recursive, of the formp(x1. . . xm) def

= P where fv(P ) ⊆ {x1, . . . , xm}. Furthermore we require recursion to be guarded: I.e., each

procedure call withinP must occur within an ask process. The behavior of p(z1. . . zm)

is that of P [z1. . . zm/x1. . . xm], i.e., P with each xi replaced with zi (applying

α-conversion to avoid clashes). We shall useD to denote the set of all process definitions.

Remark 1 (Choice-free fragment of ccp).Henceforth, we use ccp\+ to refer to the frag-ment of ccp without nondeterministic choice. More precisely ccp\+ processes are those in which every occurrence ofP_i∈Iask_{(ci) → Pihas its index setI of cardinality 0} or 1.

2.3 Reduction Semantics

A configuration is a pairhP, di representing a state of a system; d is a constraint rep-resenting the global store, andP is a process, i.e., a term of the syntax given above. We use Conf with typical elementsγ, γ′_{, . . . to denote the set of all configurations. We}

will use Conf_ccp\+for the configurations whose processes are in the ccp\+ fragment. The operational semantics of ccp is given by an unlabeled transition relation be-tween configurations: a transitionγ −→ γ′ intuitively means that the configurationγ can reduce toγ′. We call these kind of unlabeled transitions reductions and we use−→∗

to denote the reflexive and transitive closure of−→.

Formally, the reduction semantics of ccp is given by the relation−→ defined in Table 1. Rules R1 and R2 are easily seen to realize the intuitions described in Section 2.2. Rule R3 states thatP_i∈I ask_{(ci) → Pican evolve toPjwhenever the global} stored entails cjandj ∈ I.

Rule R4 is somewhat more involved, first we extend the syntax by introducing a process∃e

xP representing the evolution of a process of the form ∃xP , where e is the

local information (local store) produced during this evolution. The process∃xP can be

seen as a particular case of∃e

xP : it represents the situation in which the local store is

empty. Namely,∃xP = ∃truex P .

Intuitively,∃exP behaves like P , except that the variable x possibly present in P

must be considered local, and that the information present ine has to be taken into account. It is convenient to distinguish between the external and the internal points of view. From the internal point of view, the variablex, possibly occurring in the global store d, is hidden. This corresponds to the usual scoping rules: the x in d is global, hence “covered” by the localx. Therefore, P has no access to the information on x in d, and this is achieved by filtering d with ∃x. Furthermore,P can use the information

(which may also concern the localx) that has been produced locally and accumulated ine. In conclusion, if the visible store at the external level is d, then the store that is visible internally byP is e ⊔ ∃xd. Now, if P is able to make a step, thus reducing to P′

R1_{htell(c), di −→ hstop, d ⊔ ci} R2 hP, di −→ hP ′ , d′ i hP k Q, di −→ hP′_{k Q, d}′_i R3 j ∈ I and cj⊑ d hP_i∈Iask(ci) → Pi, di −→ hPj, di R4 hP, e ⊔ ∃xdi −→ hP ′ , e′ ⊔ ∃xdi h∃e xP, di −→ h∃e ′ xP′, d ⊔ ∃xe′i R5 hP [z/x], di −→ γ ′ hp(z), di −→ γ′ wherep(x) def = P is a process definition in D

Table 1. Reduction semantics for ccp (symmetric rule for R2 is omitted).D is the set of process definitions.

that the process is transformed into∃ex′P′, and that the information∃xe present in the

global store is transformed into∃xe′.4

2.4 Barbed Semantics

In [2], the authors introduced a barbed semantics for ccp. Barbed equivalences have been introduced in [19] for CCS, and have become a classical way to define the seman-tics of formalisms equipped with unlabeled reduction semanseman-tics. Intuitively, barbs are basic observations (predicates) on the states of a system. In the case of ccp, barbs are taken from the underlying set Con0of the constraint system.

Definition 2 (Barbs). A configurationγ = hP, di is said to satisfy the barb c, written γ ↓c, iffc ∈ Con0andc ⊑ d. Similarly, γ satisfies a weak barb c, written γ ⇓c, iff there existγ′s.t.γ −→∗γ′↓c.

Example 2. Consider the constraint system from Example 1 and let Vars = {x}. Let γ = hask (x > 10) → tell(x > 42), x > 10i. We have γ ↓x>5since(x > 5) ⊑ (x >

10) and γ ⇓x>42sinceγ −→ htell(x > 42), x > 10i −→ hstop, (x > 42)i ↓x>42.

⊓ ⊔ In this context, the equivalence proposed is the saturated bisimilarity [8,6]. Intu-itively, in order for two states to be saturated bisimilar, then (i) they should expose the same barbs, (ii) whenever one of them moves then the other should reply and arrive at an equivalent state (i.e. follow the bisimulation game), (iii) they should be equivalent under all the possible contexts of the language.

Using this idea, in [2], the authors propose a saturated bisimilarity for ccp where condition (iii) requires the bisimulations to be upward closed instead of closing under any process context. A process contextC is a term with a single hole • such that if we replace• with a process P , we obtain a process term C[P ]. For example, for the parallel contextC = • k R we obtain C[P ] = P k R.

Definition 3 (Saturated Barbed Bisimilarity). A saturated barbed bisimulation is a

symmetric relationR on configurations s.t. whenever (γ1, γ2) ∈ R with γ1 = hP, ci andγ2= hQ, di implies that:

(i) ifγ1↓ethenγ2↓e,

(ii) ifγ1−→ γ1′ then there existsγ2′ s.t.γ2−→ γ2′ and(γ′1, γ2′) ∈ R, (iii) for everya ∈ Con0,(hP, c ⊔ ai, hQ, d ⊔ ai) ∈ R.

We say thatγ1andγ2are saturated barbed bisimilar (γ1∼˙sbγ2) if there is a saturated barbed bisimulationR s.t. (γ1, γ2) ∈ R. We write P ˙∼sbQ iff hP, truei ˙∼sbhQ, truei.

We shall prove that the closure condition (iii) is enough to make ˙≈sba congruence

in ccp\+. This means that P ˙≈sbQ implies C[P ] ˙≈sbC[Q] for every process context.

However, this is not the case for ccp with nondeterministic choice as we shall demon-strate later on.

Weak saturated barbed bisimilarity( ˙≈sb) is obtained from Definition 3 by replacing

the strong barbs in condition (i) for its weak version (⇓) and the transitions in condition

(ii)for the reflexive and transitive closure of the transition relation (−→∗_).

Definition 4 (Weak Saturated Barbed Bisimilarity). A weak saturated barbed

bisim-ulation is a symmetric relationR on configurations s.t. whenever (γ1, γ2) ∈ R with

γ1= hP, ci and γ2= hQ, di implies that: (i) ifγ1⇓ethenγ2⇓e,

(ii) ifγ1−→∗γ1′ then there existsγ2′ s.t.γ2−→∗γ2′ and(γ1′, γ2′) ∈ R, (iii) for everya ∈ Con0,(hP, c ⊔ ai, hQ, d ⊔ ai) ∈ R.

We say thatγ1andγ2are weak saturated barbed bisimilar (γ1≈˙sbγ2) if there exists a weak saturated barbed bisimulationR s.t. (γ1, γ2) ∈ R. We shall write P ˙≈sbQ iff

hP, truei ˙≈sbhQ, truei.

We now illustrate∼˙sband ˙≈sbwith the following two examples.

Example 3. Consider the constraint system from Example 1 and let Vars= {x}. Take P = ask (x > 5) → stop and Q = ask (x > 7) → stop. One can check that P 6 ˙∼sbQ since hP, x > 5i −→, while hQ, x > 5i 6−→. Then consider hP +Q, truei and

observe thathP + Q, truei ˙∼sbhP, truei. Indeed, for all constraints e, s.t. x > 5 ⊑ e,

both the configurations evolve into hstop, ei, while for all e s.t. x > 5 6⊑ e, both configurations cannot proceed. Sincex > 5 ⊑ x > 7, the behavior of Q is somehow

absorbed by the behavior ofP . ⊓⊔

Example 4. TakeP and Q as in Example 3. One can check that P ˙≈sbQ. First notice

thathP, truei 6−→ and also hQ, truei 6−→. Now note that for all e it is the case that both configurations evolve to a γ where γ ⇓e. Intuitively, none of the configurations

adds information to the store and, since ˙≈sbdoes not care about the silent transitions,

thenP and Q should be weakly bisimilar. ⊓⊔

Finally, notice that in ccp\+ configurations are confluent in the following sense. Proposition 1 (Confluence [26]). Letγ ∈ Conf_ccp\+. Ifγ −→∗ _γ

1andγ −→∗ γ2 then there existsγ′_{such thatγ}

1−→∗γ′andγ2−→∗γ′.

3

Congruence issues

A typical question in the realm of process calculi, and concurrency in general, is whether a given process equivalence is a congruence. In other words, whether the fact thatP and Q are equivalent implies that they are still equivalent in any context. More precisely, a given equivalence ⊲⊳ is said to be a congruence if P ⊲⊳ Q implies C[P ] ⊲⊳ C[Q] for every process context C5_{. The congruence issue is fundamental for algebraic as}

well as practical reasons; one may not be content with havingP ⊲⊳ Q equivalent but R k P 6⊲⊳ R k Q. Nevertheless, some of the representative equivalences in concur-rency are not congruences. For example, in CCS [17], trace equivalence and strong bisimilarity are congruences but weak bisimilarity is not because it is not preserved by summation contexts. So given a notion of equivalence one may wonder in what contexts the equivalence is preserved. For instance, the problem with weak bisimilarity can be avoided by using guarded-summation (see [18]).

We shall see that ˙≈sbis a congruence for ccp\+. However, this is not the case in the

presence of nondeterministic choice. Moreover, unlike CCS, the problem arises even in the presence of guarded summation/choice. In fact, our counterexample reveals that the problem is intrinsic to ccp.

3.1 Observational Equivalence

In this section we shall introduce the standard notion of observational equivalence (∼o)

[26] for ccp as well as its relation with ˙≈sb.

The notion of fairness is central to the definition of observational equivalence for ccp. We introduce this notion following [12]. Any derivation of a transition involves an application of R1 or R3. We say thatP is active in a transition t = γ −→ γ′ _{if there}

exists a derivation oft where rule R1 or R3 is used to produce a transition of the form hP, di −→ γ′′_{. Moreover, we say thatP is enabled in γ if there exists γ}′ _{such thatP}

is active inγ −→ γ′_{. A computationγ}

0 −→ γ1 −→ γ2 −→ . . . is said to be fair if

for each process enabled in someγithere existsj ≥ i such that the process is active in

γj−→ γj+1.

Note that a finite fair computation is guaranteed to be maximal, namely no outgoing transitions are possible from its last configuration.

The standard notion of observables for ccp are the results computed by a process for a given initial store. The result of a computation is defined as the least upper bound of all the stores occurring in the computation, which, due to the monotonic properties of ccp, form an increasing chain. More formally:

Definition 5 (Result). Given a finite or infinite computationξ of the form: ξ = hQ0, d0i −→ hQ1, d1i −→ hQ2, d2i −→ . . .

The result ofξ, denoted by Result(ξ), is the constraintF_idi.

5

Recall that the expressionC[P ] denotes the process that results from replacing in C, the hole • with P . For example C = R k • then C[P ] = R k P .

Note that for a finite computation the result coincides with the store of the last configuration. Now since ccp\+ is confluent (Proposition 1), the following theorem from [26] states that all the fair computations of a configuration have the same result. Proposition 2 ([26]). Letγ be ccp\+ configuration and let ξ1andξ2be two computa-tions ofγ. If ξ1andξ2are fair, then Result(ξ1) = Result(ξ2).

Before introducing the notion of observational equivalence we need some notation. Below we define the set of possible computations of a given configuration.

Definition 6 (Set of Computations). The set of computations starting fromγ, denoted Comp(γ), is defined as:

Comp(γ) = {ξ | ξ = γ −→ γ′ −→ γ′′_{−→ . . .}}

Now we introduce the notion of observables. Intuitively, the set of observables ofγ is the set of results of the fair computations starting fromγ.

Definition 7 (Observables). LetO : Proc → Con0→ 2Con be given by:

O(P )(d) = {e | ξ ∈ Comp(hP, di), ξ is fair and Result(ξ) = e}.

Using these elements we define the notion of observational equivalence. Two con-figurations are deemed equivalent if they have the same set observables for any given store.

Definition 8 (Observational equivalence). We say that P and Q are observational

equivalent, writtenP ∼oQ, iff O(P ) = O(Q).

Notice that in the case of ccp\+, as defined in [26], the set of observables is a singleton because of Proposition 2.

Remark 2. LethP, di ∈ Conf_ccp\+. Note thatO : Proc → Con0→ Con because of

Proposition 2 and it is defined asO(P )(d) = Result(ξ) where ξ is any fair computation ofhP, di.

In [2] it was shown that, in ccp\+, weak saturated barbed bisimilarity and observa-tion equivalence coincide. Recall thatP ˙≈sbQ means hP, truei ˙≈sbhQ, truei.

Proposition 3 ([2]). LetP and Q be ccp\+ processes. Then P ∼oQ iff P ˙≈sbQ.

Nevertheless, the above theorem does not hold for ccpwith nondeterministic choice. We can show this by using a counter-example reminiscent from the standard one for CCS. LetP = (ask (b) → tell(c)) + (ask (b) → tell(d)) and Q = ask (b) → ((ask (true) → tell(c)) + (ask (true) → tell(d))). One can verify that P ∼oQ

butP 6 ˙≈sbQ. However, the (⇐) direction of the theorem does hold as we show next.

LR1_{htell(c), di−→ hstop, d ⊔ ci}true LR2 hP, di α −→ hP′ , d′ i hP k Q, di−→ hPα ′ k Q, d′ i LR3 j ∈ I and α ∈ min{a ∈ Con0| cj⊑ d ⊔ a}

hP_i∈Iask(ci) → Pi, di−→ hPα j, d ⊔ αi

LR4 hP [z/x], e[z/x] ⊔ di α −→ hP′ , e′ ⊔ d ⊔ αi h∃e xP, di α −→ h∃ex′[x/z]P′[x/z], ∃x(e′[x/z]) ⊔ d ⊔ αi withx 6∈ fv (e′ ), z 6∈ fv (P ) ∪ fv (e ⊔ d ⊔ α) LR5hP [z/x], di α −→ γ′ hp(z), di−→ γα ′ wherep(x) def = P is a process definition in D

Table 2. Labeled semantics for ccp (symmetric rule for LR2 is omitted).

3.2 Congruence

We begin this section by showing that weak bisimilarity is a congruence in a restricted sense: It is preserved by all the contexts from the choice-free fragment. For this purpose it is convenient to recall the labeled semantics of ccp as well as the (labeled) weak bisimilarity introduced in [2].

Labeled Semantics In a labeled transition of the form hP, di−→ hPα ′, d′i

the labelα ∈ Con0represents a minimal information (from the environment) that needs

to be added to the stored to reduce from hP, di to hP′, d′i, i.e., hP, d ⊔ αi −→ hP′_{, d}′_i.

As a consequence, the transitions labeled with the constraint true are in one to one correspondence with the reductions defined in the previous section. For this reason, hereafter we will sometimes write−→ to meantrue−→.

The LTS(Conf , Con0, −→) is defined by the rules in Table 2. The rule LR3, for

example, says thathP_i∈Iask_{(ci) → Pi, di can evolve to hPj, d ⊔ αi if j ∈ I and the} environment provides a minimal constraintα that added to the store d entails the guard cj, i.e.,α ∈ min{a ∈ Con0| cj ⊑ d ⊔ a}. Notice that Assumption 1 guarantees the

existence ofα. The rule LR4 follows the same approach as R4, however it uses variable substitution instead of hiding with the existential operator.6_{The other rules are easily}

seen to realize the intuition given in Section 2.2.

We can now introduce the notion of weak bisimilarity ( ˙≈) from [2]. In [2] it is shown that ˙≈ coincides with ˙≈sband, by exploiting the labeled semantics, avoids the

upward closure from condition (iii) in ˙≈sb.

Definition 9 (Weak bisimilarity). A weak bisimulation is a symmetric relationR on

configurations such that whenever(γ1, γ2) ∈ R with γ1= hP, ci and γ2= hQ, di : (i) ifγ1↓ethenγ2⇓e,

(ii) ifγ1 α

−→ γ′

1then∃γ2′ s.t.hQ, d ⊔ αi −→∗γ2′ and(γ1′, γ2′) ∈ R.

We say that γ1 and γ2 are weakly bisimilar, written γ1 ≈ γ˙ 2, if there exists a weak bisimulationR such that (γ1, γ2) ∈ R. We write P ˙≈ Q iff hP, truei ˙≈hQ, truei.

To illustrate this definition consider the following example.

Example 5. Letγ1 = htell(true), truei and γ2 = hask (c) → tell(d), truei. We

can show that γ1≈ γ˙ 2 when d ⊑ c. Intuitively, this corresponds to the fact that the

implicationc ⇒ d is equivalent to true when c already entails d. The LTSs of γ1and

γ2are the following:γ1 −→ hstop, truei and γ2 c

−→ htell(d), ci −→ hstop, ci. It is now easy to see that the symmetric closure of the relation

R = {(γ2, γ1), (γ2, hstop, truei), (htell(d), ci, hstop, ci), (hstop, ci, hstop, ci)}

is a weak bisimulation as in Definition 9. ⊓⊔

The following result from [2] states that weak bisimilarity coincides with weak saturated barbed bisimilarity (Definition 4).

Proposition 4 ([2]). ˙≈sb = ˙≈.

We can now prove that ˙≈sbis a congruence in ccp\+.

Theorem 2. LetP and Q be ccp\+ processes and assume that P ˙≈sbQ. Then for every process contextC[•] in ccp\+ we have C[P ] ˙≈sbC[Q].

Notice that this result implies that observational equivalence (∼o) is a congruence.

Unfortunately the theorem above does not hold for ccp with nondeterministic choice, as shown next.

Theorem 3. There existsP′, Q, R in ccp s.t. (a) P′≈˙sb Q but (b) P′ k R 6 ˙≈sbQ k R. Proof. To prove this claim we letP = (ask (true) → tell(c)) + (ask (true) → tell_{(d)), P}′ _{= P k tell(e) and Q = (ask (true) → tell(c ⊔ e)) + (ask (true) →} tell_{(d ⊔ e)) with c 6⊑ d, c 6⊑ e, d 6⊑ c, d 6⊑ e, e 6⊑ c, e 6⊑ d.}

For (a) we can show thathP′_{, truei ˙≈}

sbhP, ei ˙≈sbhQ, truei. The first equation is trivial. For the second we define a relation on configurationsR. The set of pairs in R

are those linked in Figure 1. It can easily be verified that (the symmetric closure of)R

is a weak bisimulation (see Definition 9). The point (a) then follows from Proposition 4. For proving the part (b) of the above claim, we letR = (ask (e) → tell(α)) + (ask (e) → tell(β)). We shall prove that no weak bisimulation can contain the pair (hP k R, ei, hQ k R, truei). The results then follows from Proposition 4 and the fact

thathP′_{k R, truei ˙≈}

sbhP k R, ei which can be easily verified.

Consequently, let us assume thathP k R, ei −→ hP k tell(α), ei by executing the

left summand ofR. By condition (ii) of weak bisimulation hQ k R, truei must match

hP, ei

htell(c), ei htell(d), ei

hstop, c ⊔ ei hstop, d ⊔ ei

hQ, truei

htell(c ⊔ e), truei htell(d ⊔ e), truei

hstop, c ⊔ ei hstop, d ⊔ ei

Fig. 1. LetP = (ask (true) → tell(c))+(ask (true) → tell(d)) and Q = (ask (true) → tell(c ⊔ e)) + (ask (true) → tell(d ⊔ e)). The linked configurations are weakly bisimilar.

– hQ k R, truei does not make a transition. And now let us suppose that hQ k R, truei −→ hQ k tell(β), truei. This means that hP k tell(α), ei now has toe

match this transition. HoweverhQ k tell(β), truei −→ hQ, βi ⇓β while hP k

tell_{(α), ei 6⇓β. Thus we cannot satisfy condition (i) of weak bisimulation.} – hQ k R, truei makes a transition. To match the move it should also execute the

left summand ofR. However, since e is not the store of hQ k R, truei, Q must be

executed first. and this means executing of one of summands inQ to be able to add e to the store. If the left summand of Q is executed, we get hQ k R, truei −→∗

htell(α), c ⊔ ei. In this case we could then take the move hP k tell(α), ei −→ htell(d) k tell(α), ei. But then htell(α), c ⊔ ei ⇓c and notice thathtell(d) k

tell_{(α), ei 6⇓c, thus we cannot satisfy condition (i) of weak bisimulation. The case}

where the right summand ofQ is executed is symmetric.

4

Weak full bisimilarity

In the previous section we showed that ˙≈ (and ˙≈sb) for the full ccp is not entirely

sat-isfactory since it is not a congruence. By building on ˙≈, in this section we propose a new equivalence which we call (weak) full bisimilarity, written≈f. This new

equiva-lence does not quantify over infinitely many process contexts in its definition yet we will show that is a congruence. Furthermore, we will also prove that adequacy of≈f by

showing that it is the largest congruence included in ˙≈sb.

4.1 More than weak barbs

The key to figure out the element missing in the definition of ˙≈sb(Definition 4) lies in

Figure 1. If we look at the configurations in the figure we can see that whilehP, ei is able to produce a barbe without choosing between c and d, hQ, truei is not. The definition of ˙≈sbtries to capture this in the condition (i), namely by checking thathP, ei ⇓ethen

order to produce e, hQ, truei may have to evolve into a configuration which can no longer produce some of the weak barbshQ, truei can produce.7

Using this insight, we shall define a new notion of weak bisimilarity that changes condition (i) in ˙≈ (Definition 9) in order to deal with the problem present in Figure 1. More concretely, condition (i) requires that whenever hP, ci ↓α thenhQ, di ⇓α,

hQ, di −→∗ _hQ′_{, d}′_{i ↓}

αwithout imposing any condition betweenhP, ci and hQ′, d′i.

This makes it possible thathP, ci ↓βandhQ′, d′i does not: indeed, it might be the case

that thathQ, di −→∗ _hQ′′_{, d}′′_{i ↓}

βfor some other branchhQ′′, d′′i. Hence hP, ci and

hQ, di would pass condition (i) as in Figure 1.

Weak full bisimilaritydeals with this problem by adding a condition betweenhP, ci andhQ′_{, d}′_{i, namely hQ, di ⇓}

chas to hold by reaching a bisimilar configuration:hP, ci

has to be weakly bisimilarhQ′_{, d}′_i.

Definition 10 (Weak Full Bisimilarity). A weak full bisimulation is a symmetric

rela-tionR on configurations s.t. whenever (γ1, γ2) ∈ R with γ1= hP, ci and γ2= hQ, di implies that:

(i) there isγ2′ = hQ′, d′i such that hQ, di −→∗γ2′ wherec ⊑ d′and(γ1, γ2′) ∈ R, (ii) ifγ1

α

−→ γ′

1then there existsγ2′ = hQ′, d′i s.t. hQ, d ⊔ αi −→∗γ2′ wherec′⊑ d′ and(γ′

1, γ2′) ∈ R.

We say thatγ1 andγ2are weak fully bisimilar (γ1 ≈f γ2) if there exists a weak full bisimulationR s.t. (γ1, γ2) ∈ R. We write P ≈f Q iff hP, truei ≈f hQ, truei.

In the definition above, the fist condition states that hQ, di has to produce c by reaching a (weakly) bisimilar configuration. The second condition is the bisimulation game from ˙≈ (Definition 9) plus a condition requiring the store c′_{to be matched too.}

To better explain this notion consider again the counterexample to ˙≈ from Figure 1.

Example 6. LethP, ei, hQ, truei as in Figure 1. Let us build a relation R that is a weak full bisimulation where(hP, ei, hQ, truei) ∈ R. By condition (i) in Definition 10 we need aγ2′ = hQ′, d′i s.t. hQ, di −→∗ γ′2ande ⊑ d′ and(γ1, γ2′) ∈ R. We have two

optionsQ′ = stop and d′ = c ⊔ e or d′ = d ⊔ e.8

However, if we take(hP, ei, hstop, c ⊔ ei) ∈ R we have that hP, ei ⇓d while hstop, c ⊔ ei 6⇓d. A similar argument works

forhstop, d ⊔ ei. Therefore, no weak full bisimulation may contain (hP, ei, hQ, truei).

HencehP, ei 6≈f hQ, truei. ⊓⊔

4.2 Congruence issues

We shall now prove that full bisimilarity is a congruence w.r.t all possible contexts in ccp. Namely, wheneverγ and γ′_{are in≈}

f then they can be replaced for one another in

any context.

Theorem 4. LetP and Q be ccp processes and assume that P ≈f Q. Then for every process contextC[•] we have that C[P ] ≈f C[Q].

7_{In the case of ccp\+ this is not a concern given that in this fragment weak barbs are always}

preserved during evolution.

8_{The cases forQ}′

= tell(c ⊔ e) or Q′

= tell(d ⊔ e) with d′

Proof. Here we consider the parallel case; the other cases are trivial or easier to verify. We shall prove thatR = {(hP k R, ci, hQ k R, di) | hP, ci ≈f hQ, di} is a weak full bisimulation as in Definition 10. To prove (i), sincehP, ci ≈f hQ, di we have that

hQ, di −→∗ _hQ′_{, d}′_{i where c ⊑ d}′ _andhQ′_{, d}′_{i ˙≈hP, ci (1). Therefore by R2 we get}

hQ k R, di −→∗ _hQ′ _{k R, d}′_{i and by (1) we can conclude that (hQ}′ _{k R, d}′_{i, hP k}

R, ci) ∈ R. To prove (ii) let us assume that hP k R, ci −→ hPα 1, c1i. We proceed by induction (on the depth) of the inference ofhP k R, ci −→ hPα 1, c′i. Using LR2 (left), then P1 = (P′ k R) with hP, ci

α

−→ hP′_{, c}′_{i by a shorter inference. Since}

hP, ci ≈f hQ, di then hQ, d ⊔ αi −→∗hQ′, d′i where hP′, c′i ≈f hQ′, d′i and c′ ⊑ d′

(3). By R2 we havehQ k R, d ⊔ αi −→∗ _hQ′ _{k R, d}′_{i and from (3) we can conclude} that(hP′ _{k R, ci, hQ}′ _{k R, d}′_{i) ∈ R. Using LR2 (right), then P}

1 = (P k R′) and

c′_{= (c ⊔ α ⊔ e) with hR, ci−→ hR}α ′_{, c}′_{i by a shorter inference. From (1) we know that}

hQ, di −→∗ _hQ′_{, d}′_{i where c ⊑ d}′ _andhQ′_{, d}′_{i ˙≈hP, ci. Hence hQ k R, d ⊔ αi −→}∗

hQ′_{k R, d}′_{⊔ αi. Now since c ⊑ d}′_{then by monotonicityhR, d}′_{⊔ αi −→ hR, d}′′_{i where}

d′′= d′⊔ α ⊔ e. Therefore by R2 we get hQ k R, d ⊔ αi −→∗_hQ′_{k R}′_{, d}′′_{i and from}

(1) and monotonicityhP, c′_{i = hP, c ⊔ α ⊔ ei ˙≈hQ}′_{, d}′_{⊔ α ⊔ ei = hQ}′_{, d}′′_{i. Using this} we can conclude that(hP k R′_{, c}′_{i, hQ}′_{k R}′_{, d}′′_{i) ∈ R.}

Note that≈f is more distinguishing than ˙≈ and the result above shows that this

level of granularity is needed to obtain a weak bisimilarity that is a congruence for ccp. 4.3 Relation with observational equivalence

In section 3.1 we described the relation between weak (saturated) bisimilarity ( ˙≈sb,

Definition 4) and the standard observational equivalence (∼o, Definition 8) for ccp.

Concretely, we know that, in ccp\+, ˙≈sbcoincides with∼o, while for the full ccp ˙≈sb

implies ∼o but the converse does not hold. In this section we shall see the relation

between weak full bisimilarity (≈f, Definition 10) and ∼o. We shall prove that ≈f

coincides with∼oin ccp\+ by proving that ≈f corresponds to ˙≈sbin the choice-free

fragment of ccp. Furthermore, for the full language of ccp, we shall prove that ≈f

implies∼oagain by showing that≈f implies ˙≈sbin ccp.

Let us start by showing that≈f and ˙≈ coincide in ccp\+. This theorem strongly

relies on the confluent nature of ccp\+ (Proposition 1). Theorem 5. Letγ, γ′∈ Conf_ccp\+,γ ≈f γ′iffγ ˙≈ γ′.

The corollary below follows from Proposition 3 and 4, and Theorem 5. Corollary 1. LetP and Q be ccp\+ processes. Then P ≈f Q iff P ∼oQ.

We shall now prove that≈f implies∼ofor the full ccp. In order to do this we first

prove that≈f implies ˙≈sb.

Theorem 6. Ifγ ≈f γ′thenγ ˙≈ γ′.

The corollary below follows from Theorem 1 and 6, and Proposition 4. Corollary 2. IfP ≈f Q then P ∼oQ.

The above statement allows us to use the co-inductive techniques of full bisimula-tion to prove observabisimula-tional equivalence.

Language Relation among equivalences Congruence w.r.t. C[•] C[•]\+ ccp\+ ∼_{= = ≈}˙ _{f= ˙≈ = ˙≈sb= ∼o N/A} ∼_{=, ≈}˙ _{f, ˙≈, ˙≈sb, ∼o}

ccp ∼= = ≈˙ f⊆ ˙≈ = ˙≈sb⊆ ∼o =, ≈∼˙ f ∼=, ≈˙ f, ˙≈, ˙≈sb

Table 3. Summary of the contributions. Recall that ˙≈sb stands for the weak saturated barbed

bisimilarity (Definition 4),∼ois the standard observational equivalence (Definition 8), ˙≈

repre-sents weak bisimilarity (Definition 9),≈f is the notion of weak full bisimilarity proposed in this

paper (Definition 10) and ˙∼= stands for the behavioral congruence (Definition 11). C[•]\+ stands for the contexts where the summation operator does not occur, whileC[•] represents any possi-ble context, hence the summation operator may occur inC[•]. For this reason we put N/A (Not Applicable) in the row corresponding to ccp\+. Notice that the correspondence ˙≈ = ˙≈sb= ∼o

comes from [2].

4.4 Behavioral congruence

Finally, we prove that ≈f is the largest congruence included in ˙≈ by showing that it

coincides with the congruence ˙∼= defined next.

Definition 11 (Behavioral Congruence). We say thatP is behaviorally congruent to Q, denoted P ˙∼=Q, iff for every process context C[•] we have C[P ] ˙≈ C[Q]. We use hP, ei ˙∼=hQ, di to denote (P k tell(e)) ˙∼=(Q k tell(d)).

We now state that≈f coincides with ˙∼= for ccp with nondeterministic choice.

Theorem 7. hP, ei ≈f hQ, di iff hP, ei ˙∼=hQ, di.

5

Conclusions and Related Work

In this paper we showed that the weak saturated barbed bisimilarity ( ˙≈sb) proposed in

[2] is not a congruence for ccp. Nevertheless, we also showed that the upward closure, i.e. condition (iii), is enough to make ˙≈sb a congruence in the choice-free fragment

(ccp\+). We then proposed a new notion of bisimilarity, called weak full bisimilarity (≈f), and we proved that it is a congruence for the full ccp despite the fact that≈f

does not require any quantification over a (potentially) infinite number of contexts in its definition. Furthermore, we showed that≈f implies the standard observational

equiva-lence (∼o) for ccp from [26]. Finally we demonstrated that≈f is not too restrictive by

showing that it is the largest congruence included in ˙≈sb. See Table 3 for a summary

of the contributions of this paper. This is the first weak behavioral ccp congruence for ccp with nondeterministic choice that does not require implicit quantification over all contexts.

Most of the related work has already been discussed in the introduction (Section 1). There has been other attempts for finding a good notion of bisimilarity for ccp such as [25] and [16]. In [25] the authors propose a ccp bisimilarity that requires processes to

match the exact label in the bisimulation game, a condition which is standard in process calculi realm, however this notion is known to be too distinguishing for ccp as shown in [2]. As for [16], their notion of (strong) bisimilarity resembles to the saturated barbed bisimilarity from [2] and, although they do not give a notion of weak bisimilarity, the results in this paper can be related directly.

We plan to adapt the algorithms from [3,23] to verify≈f. We conjecture that the

decision procedure for ˙≈sb can be exploited to check≈f by modifying the way the

(weak) barbs are considered. Furthermore, in this paper we obtained a notion of weak bisimilarity that is a congruence even if we do not consider a label for observing the tell actions. Since ccp is an asynchronous language, not observing the tell follows the philosophy of considering as labels the minimal information needed to proceed, namely a tell process does not need a stimulus from the environment to post its information in the store. Following the same reasoning, we plan to investigate whether it is possible to define a labeled semantics for the asynchronousπ-calculus (Aπ) [18,24] with a τ label for the output transitions, instead of a co-action, and we shall check if a notion of bisimilarity similar to ours would also be a congruence.

References

1. F. Arbab and J. J. M. M. Rutten. A coinductive calculus of component connectors. In WADT, pages 34–55, 2002.

2. A. Aristiz´abal, F. Bonchi, C. Palamidessi, L. Pino, and F. D. Valencia. Deriving labels and bisimilarity for concurrent constraint programming. In M. Hofmann, editor, 14th

Interna-tional Conference on Foundations of Software Science and ComputaInterna-tional Structures (FOS-SACS 2011), volume 6604 of Lecture Notes in Computer Science, pages 138–152. Springer, 2011.

3. A. Aristiz´abal, F. Bonchi, L. Pino, and F. D. Valencia. Partition refinement for bisimilarity in CCP. In S. Ossowski and P. Lecca, editors, 27th Annual ACM Symposium on Applied

Computing (SAC 2012), pages 88–93. ACM, 2012.

4. M. Bartoletti and R. Zunino. A calculus of contracting processes. In 25th Annual IEEE

Symposium on Logic in Computer Science (LICS 2010), pages 332–341. IEEE Computer Society, 2010.

5. J. Bengtson, M. Johansson, J. Parrow, and B. Victor. Psi-calculi: Mobile processes, nominal data, and logic. In 24th Annual IEEE Symposium on Logic in Computer Science (LICS 2009), pages 39–48. IEEE Computer Society, 2009.

6. F. Bonchi, F. Gadducci, and G. V. Monreale. Reactive systems, barbed semantics, and the mobile ambients. In L. de Alfaro, editor, 12th International Conference on Foundations of

Software Science and Computational Structures (FOSSACS 2009), volume 5504 of Lecture

Notes in Computer Science, pages 272–287. Springer, 2009.

7. F. Bonchi, F. Gadducci, and G. V. Monreale. Towards a general theory of barbs, contexts and labels. In H. Yang, editor, APLAS, volume 7078 of Lecture Notes in Computer Science, pages 289–304. Springer, 2011.

8. F. Bonchi, B. K¨onig, and U. Montanari. Saturated semantics for reactive systems. In 21th

IEEE Symposium on Logic in Computer Science (LICS 2006), pages 69–80. IEEE Computer Society, 2006.

9. M. G. Buscemi and U. Montanari. Open bisimulation for the concurrent constraint pi-calculus. In S. Drossopoulou, editor, 17th European Symposium on Programming Languages

and Systems (ESOP 2008), volume 4960 of Lecture Notes in Computer Science, pages 254– 268. Springer, 2008.

10. F. S. de Boer, A. D. Pierro, and C. Palamidessi. Nondeterminism and infinite computations in constraint programming. Theoretical Computer Science, 151(1):37–78, 1995.

11. R. De Nicola. Behavioral equivalences. In Encyclopedia of Parallel Computing, pages 120– 127. 2011.

12. M. Falaschi, M. Gabbrielli, K. Marriott, and C. Palamidessi. Confluence in concurrent con-straint programming. Theoretical Computer Science, 183(2):281–315, 1997.

13. W. Fokkink, J. Pang, and A. Wijs. Is timed branching bisimilarity a congruence indeed?

Fundam. Inform., 87(3-4):287–311, 2008.

14. S. Knight, C. Palamidessi, P. Panangaden, and F. D. Valencia. Spatial and epistemic modal-ities in constraint-based process calculi. In M. Koutny and I. Ulidowski, editors, 23rd

In-ternational Conference on Concurrency Theory (CONCUR 2012), volume 7454 of Lecture

Notes in Computer Science, pages 317–332. Springer, 2012.

15. J. J. Leifer and R. Milner. Deriving bisimulation congruences for reactive systems. In C. Palamidessi, editor, CONCUR, volume 1877 of Lecture Notes in Computer Science, pages 243–258. Springer, 2000.

16. N. P. Mendler, P. Panangaden, P. J. Scott, and R. A. G. Seely. A logical view of concurrent constraint programming. Nordic Journal of Computing, 2(2):181–220, 1995.

17. R. Milner. A Calculus of Communicating Systems, volume 92 of Lecture Notes in Computer

Science. Springer, 1980.

18. R. Milner. Communicating and mobile systems: theπ-calculus. Cambridge University Press, 1999.

19. R. Milner and D. Sangiorgi. Barbed bisimulation. In W. Kuich, editor, 19th International

Colloquium on Automata, Languages and Programming (ICALP 1992), volume 623 of

Lec-ture Notes in Computer Science, pages 685–695. Springer, 1992.

20. J. Monk, L. Henkin, and A. Tarski. Cylindric Algebras (Part I). North-Holland, 1971. 21. C. Palamidessi, V. A. Saraswat, F. D. Valencia, and B. Victor. On the expressiveness of

linearity vs persistence in the asychronous pi-calculus. In 21th IEEE Symposium on Logic in

Computer Science (LICS 2006), pages 59–68. IEEE Computer Society, 2006.

22. L. F. Pino, F. Bonchi, and F. D. Valencia. A behavioral congruence for concurrent constraint programming with nondeterministic choice (extended version). Technical re-port, INRIA/DGA and LIX, ´Ecole Polytechnique, France, 2013. http://www.lix. polytechnique.fr/˜luis.pino/files/ictac14-extended.pdf.

23. L. F. Pino, F. Bonchi, and F. D. Valencia. Efficient computation of program equivalence for confluent concurrent constraint programming. In R. Pe˜na and T. Schrijvers, editors, 15th

International Symposium on Principles and Practice of Declarative Programming (PPDP 2013), pages 263–274. ACM, 2013.

24. D. Sangiorgi and D. Walker. Theπ-Calculus - a theory of mobile processes. Cambridge University Press, 2001.

25. V. A. Saraswat and M. C. Rinard. Concurrent constraint programming. In F. E. Allen, edi-tor, 17th Annual ACM Symposium on Principles of Programming Languages (POPL 1991), pages 232–245. ACM Press, 1990.

26. V. A. Saraswat, M. C. Rinard, and P. Panangaden. Semantic foundations of concurrent con-straint programming. In D. S. Wise, editor, 18th Annual ACM Symposium on Principles of